After some discussion in IRC (Fedora-admin) we are wondering if
pushing a new git in EPEL is a good idea. There are some changes such
as git-command vs git command. So there could be some breakage.
Should we push a new git and cause some breakage or stick with old-n-busted?
My thoughts are to push out a new one, since I think if you are using
git, you curse everytime you touch this old crusty thing :)
stahnma

Hi,
GLPI 0.71 is a very old version, unmaintained upstream.
This version have some security issues which are fixed in recent
version. But GLPI code have heavily change, and now requires PHP5, so
backporting fixes is a huge work.
Last security issue concern embedded phpCas library
RPM available in fedora and EPEL-5 use the system php-pear-CAS package
which have all security fixes.
If you don't use CAS authentification, and if you only use GLPI on a
private and secure network, you probably could continue to use it.
Else you should probably plan an upgrade to a recent version.
EPEL-5 provides the GLPI 0.72.4 version
(which will be maintained as long as possible)
EPEL-6 will provide the new GLPI 0.78.1 (when available) which requires
PHP 5.2 (required by php-ezc-* components used)
Regards
Remi
_______________________________________________
epel-announce mailing list
epel-announce(a)lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/epel-announce